The Do-It-Yourself Security Audit
Typical defenses against these threats include:
- A firewall to separate the corporate network from the Internet
- An intrusion prevention/detection system (IPS/IDS) to detect typical hacker activities, such as port scans, and to take steps to prevent them from successfully penetrating the network
- Malware scanners to prevent malicious software from getting onto the network hidden in e-mail, instant messaging or Web traffic
- The use of passwords to prevent unauthorized access to networks, computers, or data stored on them.
Every organization should have these defenses in place, but this leaves a very important question to be answered: how effective are these measures? It's a deceptively simple question, but it's essential that you know the answer to it.
That's because if you don't, it may turn out that:
- Holes in your firewall leave your network vulnerable
- Your IPS/IDS is not configured correctly and will not protect your network effectively
- The passwords used to protect your resources are not sufficiently strong to provide the protection you require
- Your IT infrastructure has other vulnerabilities you are not aware of, such as unauthorized and insecure wireless access points set up by an employee.
The paper has detailed instructions on a range of freeware and other tools that a technically competent person within your organisation can use to carry out an audit, including:
- Carrying Out Your Own Penetration Tests
- Network Discovery Scanning with Nmap
- Sniffing Your Network with Wireshark
- Checking Password Security with Hydra
- Spotting Weak Passwords Using Offline Attacks
- Checking Wireless Security with aircrack-ng
Do you carry confidential data about your clients and partners? What are your security activities and how often do you perform them? Can a tool such as this help?
2 comments
If you need an all-in-one solution then I would look at something like unified threat management, also known as a UTM. Cyberoam firewall is the only UTM firewall that embeds user identity in firewall rule matching criteria, enabling enterprises to configure policies and identify users directly by the username rather than through IP addresses. Cyberoam's powerful hardware firewall provides stateful and deep packet inspection, access control, user authentication, network and application-level protection.
The ICSA-certified Cyberoam firewall is available along with VPN, gateway anti-virus and anti-spyware, gateway anti-spam, intrusion prevention system, content filtering, bandwidth management and multiple link management, providing comprehensive security to small, medium and large enterprises, including remote and branch offices. Cyberoam is a Check Mark Level 5 certified UTM solution.
Key Features
1. Stateful Inspection Firewall
2. Centralized management for multiple security features
3. Embeds user identity in rule-matching criteria
4. Multiple zone security
5. Granular IM, P2P controls
6. ICSA certified
Thanks schoolgal. I would guess you are in the business, so feel free to drop in more often.
The list you have given looks like mostly defense. What auditing and evaluation tools does it have? And how accessible to small and medium-sized NFPs would they be?
My question would be whether the two should not work in tandem, the one providing defense and the other testing to see whether there had been any interlopers about?
For those who don’t have the time to visit, Cyberoam is a hardware firewall appliance. Their home page doesn’t feature any actual prices so don’t be surprised to find them a bit expensive.